Missing User Warnings
Medium
- Confidence
- 88% confidence
- Finding
- The skill clearly routes user-supplied target URLs and screenshot content to a third-party cloud API, and the documentation does not warn users that browsing targets, page contents, and possibly authenticated page views may be transmitted off-platform and potentially stored externally. In this context, the omission is security-relevant because users may unintentionally send sensitive internal URLs or confidential web content to an external service.
